Number of non-standard operational procedures executed
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents caused by operational problems
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Ratio of events compared to the number of incidents
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of critical operational event types covered by automatic detection systems
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number and percent of incidents causing disruption to business-critical processes
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Mean time between incidents according to IT-enabled service
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of incidents resolved within an agreed-on/acceptable period of time
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Level of user satisfaction with service request fulfillment
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Mean elapsed time for handling each type of service request
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Decrease in number of recurring incidents caused by unresolved problems
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of major incidents for which problems were logged
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of workarounds defined for open problems
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of problems logged as part of the proactive problem management activity
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of problems for which a satisfactory resolution that addressed root causes were found
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of IT services meeting up-time requirements
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of successful and timely restoration from backup or alternate media copies
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of backup media transferred and stored securely
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of critical business systems not covered by the plan
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of exercises and tests that have achieved recovery objectives
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Frequency of tests
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of agreed-on improvements to the plan that have been reflected in the plan
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of issues identified that have been subsequently addressed in the plan
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of internal and external stakeholders that have received training
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of issues identified that have been subsequently addressed in the training materials
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of vulnerabilities discovered
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of firewall breaches
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of individuals receiving awareness training relating to use of endpoint devices
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents involving endpoint devices
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of unauthorized devices detected on the network or in the end-user environment
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Average time between change and update of accounts
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of accounts (vs. number of authorized users/staff)
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of periodic tests of environmental security devices
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Average rating for physical security assessments
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of physical security-related incidents
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents relating to unauthorized access to information
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of completed inventory of critical processes and key controls
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of coverage of key controls within test plans
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents and audit report findings indicating failure of key controls
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of business process roles with assigned access rights and levels of authority
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of business process roles with clear separation of duties
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents and audit findings due to access or separation of duties violations
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Percent of completeness of traceable transaction log
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
Number of incidents where transaction history cannot be recovered
Maintained By: <?>
Submitted By: <?>
Frequency of Submission: <?>
References & Related Standard:
BS 25999:2007, Business Continuity Standard
ITIL V3 2011
Service Design, 4.6 IT Service Continuity Management
Service Operation, 4.1 Event Management
Service Operation, 4.2 Incident Management
Service Operation, 4.3 Request Fulfilment
Service Operation, 4.4 Problem Management
Service Operation, 4.5 Access Management
ISO/IEC 20000
6.1 Service level management
6.3 Service continuity and availability management
8.2 Indecent management
8.3 Problem management
ISO 27002:2011
Code of practice for information security management
13. Information Security Incident Management
14. Business Continuity Management
NIST SP800-53 Rev1, Recommended Security Controls for USA Federal Information Systems
Tab Item Content
Practicing Strategy in an uncertain world, a modern strategy that works will require leaders to learn new skills and apply new tools. Here’s a primer for a refreshed approach.
Why it takes curiosity and support to innovate, curiosity is the root of innovation, but collaboration and corporate support are necessary for ideas to become realities. There is a vast difference between posting a motivational slogan for innovation and implementing practices that support innovation.
Create a score card to keep strategy on track, using a color-coded score card can help keep teams on track when implementing strategies, along with clear guidance, deadlines and constant communication from leaders, writes Blake Beattie. “Successful execution relies on your team knowing their role and playing their role to achieve specific outcomes,” he writes.
3 Steps to Tackle Business Growth Challenges, companies must uncover what makes them distinct to customers, create and empower growth teams, and be ready to commit years to growth plans. For a lot of CEOs, tenure is quite short, so in the back of their minds, it’s ‘forget the next three years. I’ve got to get the next six months right.
Distributed Leadership in the Decision-Making Process, not every program or strategy is universal, and it pays to investigate whether the move is right for your environment and organization. The process of making a decision together as a community is sometimes more important than the actual decision made.
